Django authentication works on Chrome, but not on Firefox - django

I'm having a problem where Django's login is working okay on Chrome but not on Firefox: when trying to log in to a restricted portion of the site on Firefox, it simply loops back again and again to the login page; furthermore, no error message appears in the log regarding that.
Interestingly, the error doesn't happen when the server is on the local machine.
Does someone have a general idea of what could be causing that strange behavior?
I'm using Django 1.6 on Python 2.7

This isn't much of an answer, but a link to other similar problems. Because I don't have rep, all I can do is leave an answer.
An issue like this was encountered in 2012 but was never conclusively answered:
Django session doesn't work in Firefox
A similar question where the user could log in via local server but not remote Firefox was encountered:
Unable log in to the django admin page with a valid username and password
The second was very well documented and had an accepted answer that was well liked.
Recommendations:
If you are not using https, make sure you have this setting: SESSION_COOKIE_SECURE = False.
If you are using a database backend, check if the session is actually being created in the django_sessions table.
If you are using a cache backend, check that SESSION_ENGINE is django.contrib.sessions.backends.cache and that CACHE_BACKEND is properly configured.

Related

Can I limit the displaying of Django's Page not found?

When I develop Django websites, I always develop them on a server that sits on the Internet in order to mirror my production environment (I run macOS locally but my servers are Linux). During development I also will set DEBUG = True for debugging purposes. The problem is that if I or anyone else who's poking around on my site enters an invalid URLconf string, Django displays the "Page not found (404)" page along with all valid URL patterns, which I feel is a bit of a security risk. For example, my custom URL for the Django admin site is listed there. Is there a way to disable the showing of this specific error page when I have DEBUG set to True or perhaps to limit its display to particular IP addresses?
You can override the default 404 view.
Read here to know how to do
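One way to limit the DEBUG 404 page to particular IP addresses, as the question asks. This is an added example, not code from the original answer; it assumes a current Django with new-style middleware, and DEBUG_404_ALLOWED_NETS is a hypothetical setting name introduced here.

```python
import ipaddress


def client_may_see_debug_404(remote_addr, allowed_nets):
    """Return True only if remote_addr parses and lies in an allowed network."""
    try:
        addr = ipaddress.ip_address(remote_addr)
    except ValueError:
        return False  # missing or malformed address: fail closed
    for net in allowed_nets:
        network = ipaddress.ip_network(net, strict=False)
        if addr.version == network.version and addr in network:
            return True
    return False


class HideDebug404Middleware:
    """Swap Django's DEBUG 404 page (which lists URL patterns) for a bare 404."""

    def __init__(self, get_response):
        self.get_response = get_response

    def __call__(self, request):
        # Imported lazily so the helper above can be used without Django.
        from django.conf import settings
        from django.http import HttpResponseNotFound

        response = self.get_response(request)
        if response.status_code != 404 or not settings.DEBUG:
            return response
        # DEBUG_404_ALLOWED_NETS is a hypothetical setting name (assumption).
        allowed = getattr(settings, "DEBUG_404_ALLOWED_NETS",
                          ["127.0.0.1", "::1"])
        # REMOTE_ADDR is the TCP peer; behind a reverse proxy it is the
        # proxy's address, so widen the list deliberately rather than
        # trusting client-supplied headers such as X-Forwarded-For.
        if client_may_see_debug_404(request.META.get("REMOTE_ADDR", ""),
                                    allowed):
            return response
        return HttpResponseNotFound("Not Found", content_type="text/plain")
```

List the class first in MIDDLEWARE so that it sees every 404 response, including those produced when URL resolution fails.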

Django admin page login causing IIS to crash, need to restart iis everytime

My site is working fine. I can access all the pages. But when I am accessing the admin page, it loads and prompts for username and password. After entering the username and password and clicking login, it takes some time and after that I get the error below:
This page isn’t working mytestapp.company.com didn’t send any data.
ERR_EMPTY_RESPONSE
After refreshing the page, I get the error below:
Service Unavailable HTTP Error 503. The service is unavailable.
After this no page loads. After restarting IIS using cmd (iisreset /noforce), when I try to refresh the homepage again, I see I am logged in, which means the admin page logged me in, but after that the response did not come and something went wrong on the server side which caused the server to crash.
I am not sure how to proceed with this. Earlier my admin site used to work fine. No recent changes in code. The only change I did is I synced the DB from another DB which has more data.
I am using virtual env which has
python version is 2.7.3, Django version 1.3 in it
IIS version 7.5 on WindowsServer 2008R2 (Python IsAPIe handler)
Please help me on this. I am stuck with this issue...
Issue is resolved now. The IIS service was getting stopped because of a series of errors caused while rendering the admin page. After checking the Windows event log and understanding the error code, I got to know that the Python-Runtime.dll which the admin page was referring to was having some issue. I replaced the dll with the previous working version and then everything started working fine.

django oscar paypal redirect

I am using Django Oscar Paypal for payment. I am having an issue with redirecting back to my website on the production mode.
I have successfully set up in the development mode and I have tried two different IP addresses for runserver: 127.0.0.1:8000 and 192.168.1.102:8000 -> both worked correctly and redirected to whatever server I was running.
I turned off Sandbox mode and I have a website that has https:// working correctly. I try to make a payment on mywebsite.com/ but it redirects to https://192.168.1.102:8000/checkout/paypal/preview/13/?token=******* when I am redirected to paypal website for payment and click on Continue. (This happens for cancelling as well).
I have checked the views in the paypal app and it has 'reverse' code written correctly. If I paste /checkout/paypal/preview/13/?token=******* part after mywebsite.com/, it seems to be working correctly.
Is there a way to redirect back to mywebsite.com/
Many Thanks
Kyu
I just tried to switch to sandbox mode in the production but it doesn't redirect me to sandbox paypal! It keeps going to proper paypal payment site even with sandbox API... I am getting confused now.
Could this be because I haven't done python manage.py migrate and makemigrations?
Oscar uses the Django sites framework to determine the appropriate return URL.
You probably have the wrong domain (192.168.1.102) configured on your Site.
Edit the site from the admin (at example.com/admin/sites/site/) to set the domain that you use in production. Once you change this the redirect from Paypal should work.

Django: Session created in database when login page loaded

My django_session table was growing very large and it seems to be due to a pingdom bot that I set-up hitting my login page. I tried creating a brand new django 1.4 app and the behaviour is replicated on any page that uses the django.contrib.auth.views.login page, including the default admin login page.
This surely can't be the desired behaviour. Is it a bug? Is there a fix?
(I have redirected the pingdom bot to another page that doesn't cause a new session to be created but I'd like to solve the django issue itself too).
I have seen the question here Huge Django Session table, normal behaviour or bug? and it doesn't seem to be the same issue
After a little bit of searching I found that this is done by the login view (line 55) in the set_test_cookie() method.
In the latest version of Django (git main) it has been removed however: https://github.com/django/django/commit/9d2c0a0ae6ce931699daa87735d5b8b2afaa20f9#django/contrib/auth/views.py
For the time being I would simply recommend you to use a modified version of the login page which doesn't use the set_test_cookie() method.

Django/IE8 Admin Interface Weirdness

Esteemed Django experts and users:
I have been using Django's admin interface for some data editing needs. I am using it on Windows Server 2008, and using django-mssql to connect to a SQL Server backend. Python 2.6.2 Django 1.1.0 final 0
As per usual w/ Django, this was fairly easy to set up, and works beautifully on Firefox, but using IE8 I intermittently get a puzzling 'Internet Explorer cannot display this webpage' when I save a record.
In the log, looks like typically on a save there's a POST request that returns a 302 status followed by a GET returning a lovely 200. This is on Firefox. On IE8 looks like sometimes POST works but GET doesn't.
So that's what I have going on. Any help w/ this will be appreciated. Thank you.
I suspect the bug is within IE8's refusal to process the redirect properly.
The 302 POST pushes the browser to the 200 GET, but if the browser never processes the 302 then Django (or the server) will not log a 200 GET because the browser never opened the page (the server can only log what is accessed, ergo the browser is not making the call).
If you have Django behind something (IIS using FastCGI, or Apache, or something), bump up the logs to make sure there's no silent error in rendering. I had the same problem on Vista x64 Ultimate IE8 Beta 2, but compatibility mode appeared to fix the problem somewhat -- there was still some intermittently occurring refusal to redirect.
I realize this post is a bit old now, but I had the exact same symptoms recently. After a lot of digging around, I found that IE8 has issues accepting cookies with a life of less than 20 minutes.
In our Django project's settings.py we had the property SESSION_COOKIE_AGE set to 10 minutes. Once I bumped it to 20 minutes, IE8 had no problems logging in.